One of those who commented in my blog asked if I could write an article about the Firefox browser, and about IDN buffer overflow. IDN Buffer overflow is a software bug that was discovered by Tom Ferris. He published the details concerning his discovery in the Security Protocols Website (http://www.security-protocols.com) together with the exploit codes which, if embedded on a Webpage, will cause the Firefox browser to crash.
Mozilla, makers of Firefox, released an update to the Firefox browser addressing the IDN buffer overflow vulnerability discovered by Tom Ferris. While this was going on, another person publicly released an exploit that allows users to exploit the IDN buffer overflow vulnerability in Firefox, Netscape and other Mozilla products. The latter exploit, by the way, is said to be more effective with Firefox and other Mozilla products.
The latter exploit could let attackers take complete control over computers surfing the Web with unpatched versions of the Firefox browser according to the security fix blog (http://blogs.washingtonpost.com/securityfix/) of the Washington Post.
The exploit is called the PwnZilla 5 (http://www.milw0rm.com/id.php?id=1224) and is designed for all the Mozilla based browsers such as Netscape and Firefox.
It is recommended that, considering the public release of the exploit in question, every Firefox user should update their browser to version 1.0.7. A new version of the Mozilla browser that addresses the IDN buffer overflow vulnerability was also released a day after the Mozilla Foundation released the update for the Firefox browser. In case you didn’t receive the automatic update for Firefox, you can download the latest version at the Mozilla Foundation’s easy-to-access Website (http://www.mozilla.org).
Don’t forget to maximize your use of the Firefox browser by installing useful extensions which you can find at http://addons.mozilla.org.
OPERA
Despite the fact that Opera removed its advertisements and license fees I believe that there are too few netizens that have switched to Opera browsers.
Incidentally, Opera made its browser free because it hopes to increase its market share. The total downloads of this browser reached one million six hundred thousand (1,600,000) in the two days after removing the license fees and advertisements found on top of the browser.
Some of the Opera browser features that you will likely love include the built-in mail client, the IRC chat option, a voice feature that allows you to control Opera’s interface by just talking, having documents read aloud, skins that let you change the look of your browser (similar to Winamp).
The Note is another feature you will love in this browser as this allows you to keep notes for a specific Website. Bloggers will very likely love this feature.
For programmers, this is a very good browser that supports w3c standard and allows you to validate just any Website by pressing Ctrl+Alt+V. Opera also supports WML and allows you to preview your Website in case you create a WAP version through the small screen mode feature. And if you’re a security freak, this browser supports SSL versions 2 and 3, and TLS. It also offers automatic 128-bit encryption, the highest available encryption for any Web browser.
